There are a number of cases in which it can be desirable to verify that a person conducting a transaction did in fact conduct the transaction. In one example, a person conducting a payment transaction with another's account may be conducting that payment transaction fraudulently. In another example, a person attempting to access a building with a stolen access badge may attempt to fraudulently gain access to the location. In these instances, one way to help ensure that the authorized user is the correct user is to determine if the location of the mobile phone of an authorized user matches the location of the terminal at which the person is conducting the transaction. If the locations match, then the person is likely the authentic user, because a fraudulent user would not be in possession of the legitimate user's mobile phone.
One problem with the verification process that is described above is that a remote computer that is making the determination as to whether the person is the legitimate user may not have a clear indication of where the terminal is located. New terminals may be installed frequently and it is difficult to determine the location of these terminals unless the owner of those terminals somehow pre-register the exact coordinates of those terminals with the remote computer beforehand. Also, even if terminals can be pre-registered with their locations, the terminals can be moved by the personnel maintaining them. As such, it is very difficult to determine with any degree of certainty that the person is in fact authorized to access a given resource or location associated with a particular terminal.
Embodiments of the invention address these and other problems, individually and collectively.